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Show legal status actions 



ie present invention provides systems and methods for secure 
transaction management and electronic rights protection. Electronic 
appliances such as computers equipped in accordance with the 
present invention help to ensure that information is accessed and 
used only in authorized ways, and maintain the integrity, availability, 
and/or confidentiality of the information. Such electronic appliances 
provide a distributed virtual distribution environment (VDE) that may 
enforce a secure chain of handling and control, for example, to 
control and/or meter or otherwise monitor use of electronically 
stored or disseminated information. Such a virtual distribution 
environment may be used to protect rights of various participants in 
electronic commerce and other electronic or electronic-facilitated 
transactions. Distributed and other operating systems, environments 
and architectures, such as, for example, those using tamper- 
resistant hardware-based processors, may establish security at 
each node. These techniques may be used to support an all- 
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permitted between 
participants 


US5221833 


6/1993 


Hecht 


Xerox Corporation 


Methods and means for 
reducing bit error rates in 
reading self-clocking glyph 
codes 


US5222134 


6 /1 993 


Waite et al. 


Tau Systems 
Corporation 


Secure system for 
activating personal 
computer software at 




remote locations 


US5224160 


6/1993 


Paulini et al. 


Siemens Nixdorf 
Informationssysteme 
AG 


Process for securing and 
for checking the integrity of 




the secured programs 


US5224163 


6/1993 


Gasser et al. 


Digital Equipment 
Corporation 


Method for delegating 
authorization from one 
entity to another through 




the use of session 
encryption keys 


US5235642 


8/1993 


Wobber et al. 


Digital Equipment 
Corporation 


Access control subsystem 
and method for distributed 
computer system using 
locally cached 
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corporation 


locally cached 
authentication credentials 


US5245165 


9/1993 


Zhang 


Xerox Corporation 


Self-clockina alvDh code 
for encodina dual bit digital 




values robustly 


US5247575 


9/1993 


Sprague et aL 




Information distribution 




system 


US5260999 


11 /1993 


Wyman 


Digital Equipment 
Corporation 


Filters in license 
management system 


US5263158 


11 /1993 


Janis 


International 
Business Machines 
Corporation 


Mpfhnrl anri Qv/QtAm fnr 
i vie Li iuu en i\j oyoiviii IUI 

variable authority level 
user access control in a 
distributed data orocessino 




system having multiple 
resource manager 


US5265164 


11 /1993 


Matyas et aL 


International 
Business Machines 
Corporation 


Cryptographic facility 
environment 
backup/restore and 




replication in a public key 
cryptosystem 


1 IS«W7fi7V> 


1 /1994 


Boebert et al. 


Secure Computing 
Corporation 


Data enclave and trusted 


UOJ£ /Of OsJ 


path system 




1 /1994 


Mary 


Matra 
Communication 


Device for insertion of 

Uiyilal fJalrlVclo 111 a 




transmission channel 


US5285494 


2/1994 


Sprecher et 
at. 


PacTel Corporation 


Network management 




system 


US5301231 


4/1994 


Abraham et 
al. 


International 
Business Machines 
Corporation 


User defined function 




facility 


US5311591 


5/1994 


Fischer 




Computer system security 

mothr^H anrl nnnsrstiic for 

creating and using 




program authorization 
information data structures 


US5319705 


6/1994 


Halter et al. 


International 
Business Machines 
Corporation 


Method and system for 
multimedia access control 




enablement 


US5337360 


8/1994 


Fischer 




Method and apparatus for 
creating, supporting, and 




usina travpllino Droarams 


US5341429 


8 /1994 


Stringer et al. 


TestDrive 
Corporation 


Transformation of 




ephemeral material 


US5343527 


8/1994 


Moore 


International 
Business Machines 
Corporation 


Hybrid encryption method 
and system for protecting 
reusable software 




components 


US5347579 


9/1994 


Blandford 




Personal computer diary 


US5351293 


9/1994 


Michener et 
al. 


Wave Systems 
Corp. 


System method and 
apparatus for 
authenticating an 




encrypted signal 


US5355474 


11 /1994 


Thuraisngham 
et al. 




System for multilevel 
secure database 

monanomont 1 1 c i n n o 
llldl ldvlci 1 Id 11 UolML] a 

knowledge base with 
release-based and other 




security constraints for 
query, response and 
update modification 


US5373561 


12/1994 


Haber et al. 


Bell 

Communications 


Method of extending the 
validity of a cryptographic 
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Research, Inc. 


certificate 


US5390247 


2/1995 


Fischer 




MothoH anH annorati 10 for 
IVItJlNUU ailU dppoialUd TUT 

creatinq. supporting, and 




using travelling programs 


US5390330 


2/1995 


Talati 




Control system and 
method for direct execution 
of software application 




information models without 
code qeneration 


US5392220 


2/1995 


van den 
Hamer et at. 


U.S. Philips 
Corporation 


Method and svstem for 




organizing data 


■ 1 o ^ O O O O O O 

US5392390 


2/1995 


Crozier 


IntelliLink Corp. 


Method for mapping, 
translating, and 
dynamically reconciling 




data between disparate 
computer platforms 


US5394469 


2 /1995 


Nagel et al. 


Infosafe Systems, 
Inc. 


ivieinoo ana apparatus tot 
retrieving secure 
information from mass 




storage media 


US54 10598 


4/1995 


Shear 


Electronic 
Publishing 
Resources, Inc. 


Hotohoca i icons motArinn 

uaiaDose usage meienng 
and protection svstem and 




method 


US5412717 


5/1995 


Fischer 




Computer system security 

IMclMUU ailU appal alub 

having program 




authorization information 
data structures 


US5421006 


5/1995 


Jablon 


Compaq Computer 
Corp. 


Method and apparatus for 
assessing integrity of 




computer system software 


US5422953 


6/1995 


Fischer 




Personal date/time notarv 




Howioo 
UjgV|L>C 


1 IOC /I OO^A/^ 

US5428606 


6/1995 


Moskowitz 




Digital information 




commodities exchange 


US5438508 


8/1995 


Wyman 


Digital Equipment 
Corporation 


License document 
interchange format for 
license management 




system 


US5442645 


8/1995 


Ugon 


Bull CP8 


ivieinuu ror cnecKiny ine 
integrity of a program or 
data, and apparatus for 




implementing this method 


US5444779 


8/1995 


Daniele 


Xerox Corporation 


Electronic copyright rovaltv 
accounting svstem using 




glyphs 




9/1995 


Hecht et al. 


Xerox Corporation 


Explicit synchronization for 
self-clocking glyph codes 


US5449896 


9/1995 


Hecht et al. 


Xerox Corporation 


Random access 
technigues for use with 




self-clocking glyph codes 


US5450493 


Z/ 1 1 ZJ ZJ \J 


Mah^r 


AT&T Corn 


Secure communication 


v-/ r \j \j ~ \j \j 


method and apparatus 


US5453601 


9 /1995 


Rosen 


Citibank N A 


Electronic-monetary 




system 


US5453605 


9/1995 


Hecht et al. 


Xerox Corporation 


Global addressability for 
self-clocking glyph codes 


US5455407 


10/1995 


Rosen 


Citibank, N.A. 


Electronic-monetary 




system 


US5455861 


10/1995 


Faucher et al. 


AT&T Corp. 


Secure 




telecommunications 
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US5455953 


11 /1993 


Russell 


Wang Laboratories, 
Inc. 


Authorization system for 
obtaining in single step 
both identification and 
access riahts of client to 




server directly from 
encrypted authorization 


US5457746 


10/1995 


Dolphin 


Spyrus, Inc. 


Svstem and method for 
access control for portable 




Udld olUlaijc; Iilt?Ulci 


US5463565 


10/1993 


Cookson et al. 


Timp Warnpr 

1 II 1 IC V V Gl 1 ICI 

Entertainment Co., 
LP. 


Data block format for 
software carrier and player 




therefor 


US5473687 


12/1995 


Lipscomb et 
al. 


Infosafe Systems, 
Inc. 


Method for retrieving 
secure information from a 


- — 


database 


US5473692 


12/1995 


Davis 


Intel Corporation 


Roving software license for 




a hardware agent 


US5479509 


12/1995 


Ugon 


Bull CP8 


Method for sianature of an 
information processing file, 
and apparatus for 




implementing it 


US5485622 


1 /1996 


Yamaki 


Kabushiki Kaisha 
Toshiba 


Password processinq 




system for computer 


US5491800 


O /1QQR 


Goldsmith et 
al. 


Talinpnt Inr 

IGll^dll, II lO. 


Object-oriented remote 
procedure call networking 




svstem 


US5497479 


3/1996 


Hornbuckle 


SofTel, Inc. 


Method and apparatus for 
remotely controlling and 
monitoring the use of 




computer software 


US54974Q1 


^ /1 QQfi 


Mitrhpll pt al 

IVIIlwl Igll CI Gl. 


International 

Ri i^inPQQ Maphinp^ 

LJLJOII ICOO IVIGwl III ICO 

Corporation 


System and method for 
importing and exporting 
aaia oeiween an ouiect 
oriented comoutino 




environment and an 
external computing 
environment 


US5499298 


3/1996 


Nara^imhah i 

IvGI GOII 1 II IGIU 

et al. 


National I JnivprQih/ 

of Singapore ' 


Controlled dissemination of 




digital information 


US5504757 


9/1994 


Cook et al. 


International 
Business Machines 
Corporation 


Method for selecting 
transmission speeds for 
transmitting data packets 




over a serial bus 


US5504837 


4/1996 


Griffeth et al. 


Bell 

Communications 
Research, Inc. 


Method for resolving 
conflicts among distributed 
entities through the 
generation of counter 
proposals by transversing 
a goal hierarchy with 

annpntahlp unarrpntahlp 

and indeterminate nodes 


US5508913 


4/1996 


Yamamoto et 


Fujitsu Limited 


Electronic automatic offer 
matching svstem for 
freezer exchanae 




transactions among banks 


US5509070 


4/1996 


Schull 


SoftLock Services 
Inc. 


Method for encouraninn 
purchase of executable 
and non-executable 
software 


US5513261 


4/1996 


Maher 


AT&T Corp. 


Kev management scheme 
for use with electronic 
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Uai vio 


1 ICCCOftOOC 

US553Q235 


6 /1996 


Stefik et al. 


Xerox Corporation 


Interactive contents 




revealing storage device 


US5530752 


6/1996 


Rubin 


Corporation 


Systems and methods for 

nmtprtinn ^oftwarp from 

|JI VJICOlll 1 y OWi IVVOI V? II Will 

unlicensed coovina and 




use 


US5533123 


7/1996 


Force et al. 


National 
Semiconductor 
Corporation 


Programmable distributed 




personal security 




7/1996 


Stefik et al. 


Xerox Corporation 


Document Drocessinq 
svstem utilizing document 

con/iro parHe tr\ r\rrt\/iHo 
ocl VILrC UaivJo IU piUVlUt? 




document processing 
services 


US5537526 


7/1996 


Anderson et 
al. 


Taugent, Inc. 


Method and apparatus for 
processing a display 
document utilizing a 




svstem level document 
framework 


US5539735 


7/1996 


Moskowitz 




Digital information 




commodities exchange 


US5539828 


7/1996 


Davis 


Intel Corporation 


rVfjpdl alUo ailu lilclflUU IUI 

providing secured 




communications 


US5550971 


8/1996 


Brunner et al. 


U S West 
Technologies, Inc. 


Method and system for 
generaiing a user inienace 
adaptable to various 




database management 
systems 


US5553282 


9/1996 


Parrish et al. 


Taligent, Inc. 


Software project history 
database and method of 




nnpratinn 


1 IOCCC7CH Q 

Uoboo/ olo 


9 /1996 


Rosen 


Citibank, N.A. 


Trusted agents for open 




electronic commerce 


US5568552 


1 0 /1 996 


Davis 


Intel Corporation 


IVICUIUU IUI [JlUVIUIIiy a 

roving software license 
from one node to another 




node 


US5572673 


11 /1996 


Shurts 


Sybase, Inc. 


Secure multi-level system 
for executing stored 




procedures 


US5592549 


1 /1997 


Nagel et al. 


Infosafe Systems, 
Inc. 


Method and apparatus for 
retrieving selected 
information from a secure 




information source 


US56 13004 


3/1997 


Cooperman et 
al. 


The Dice Company 


Steganographic method 




and device 


US5621797 


4/1997 


Rosen 


Citibank, N.A. 


Electronic ticket 
presentation and transfer 




method 


US5629980 


5/1997 


Stefik et al. 


Xerox Corporation 


System for controlling the 
distribution and use of 




digital works 


US5633932 


5/1997 


Davis et al. 


Intel Corporation 


Apparatus and method for 
preventing disclosure 
through user- 
authentication at a printing 
node 


US5634012 


5/1997 


Stefik etal. 


Xerox Corporation 


System for controlling the 
distribution and use of 
digital works having a fee 
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di git al work s having a fee 











reporting mechanism 


US5636292 


6 /1997 


Rhoads 


Digimarc 
Corporation 


Steganoaraphy methods 
employing embedded 




calibration data 


US5638443 


6/1997 


Stefik 


Xerox Corporation 


System for controllinq the 
distribution and use of 




composite diqital works 


US5638504 


6 /1997 


Scott et al. 


Object Technology 
Licensing Corp. 


System and method of 
processing documents with 




document proxies 


US5640546 


6/1997 


Gopinath et 
al. 


Network Programs, 
Inc. 


Composition of systems of 
objects by interlocking 
coordination, projection, 




and distribution 


US5655077 


8/1997 


Jones et al. 


Microsoft 
Corporation 


Method and system for 
authenticating access to 
heterogeneous computing 




services 


US5687236 


11 /1997 


Moskowitz et 
al. 


The Dice Company 


Steganographic method 




and device 


US5689587 


11 /1997 


Bender et al 


Massachusetts 
Institute of 
Technology 


Method and apparatus for 


%rf \f w \f W 1 


data hiding in images 


US5692180 


11/1997 


Lee 


International 
Business Machines 
Corporation 


Object-oriented cell 
directory database for a 
distributed computing 
environment 


US571 0834 


1 /1998 


Rhoads 


Digimarc 
Corporation 


ivieinou ana apparatus 
responsive to a code 
signal conveyed through a 




graphic image 


US5740549 


4/1998 


Reilly et al. 


PointCast, Inc. 


Information and advertising 
distribution system and 




method 


US5745604 


4/1998 


Rhoads 


Digimarc 
Corporation 


iueniiricaiion/auineniicauon 
system using robust, 




distributed coding 


US5748763 


5/1998 


Rhoads 


Digimarc 
Corporation 


Imanp ^tpnannnranhv 

ii i iayc oic^ai iu^i ly 

system featuring 
perceptually adaptive and 




globally scalable signal 


US5748783 


5 /1998 


Rhoads 


Digimarc 
Corporation 


Method and apparatus for 




robust information coding 


US5748960 


5/1998 


Fischer 




Method and apparatus for 
validating travelling obiect- 
oriented programs with 




digital signatures 


US5754849 


5/1998 


Dyer et al. 


Wayfarer 
Communications, 
Inc. 


Self-describing obiect 
providing dynamic 
manipulation or 
heterogeneous data values 
and semantic identity 




between memory and 

transmission 

representations 


US5757914 


5/1998 


McManis 


oui i iviiisi uoy oici i io, 

Inc. 


System and method for 
Drotectina use of 
dynamically linked 




executable modules 


US5758152 


5/1998 


LeTourneau 


Prime Arithmetics, 


Method and apparatus for 
the generation and 
manipulation of data 
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US5758152 


5/1998 


LeTourneau 


Inc. 


manipulation of data 




structures 








Trustees of 
Dartmouth College 


System and method for 

manflninn mnvrinhtpH 

1 1 icn IG11411 iy KsKJ^jyi ii^i lieu 




electronic media 


US5768426 


6/1998 


Rhoads 


Digimarc 
Corporation 


Graphics processina 
system employing 




embedded code signals 



CLAIMS: We claim: 
[Hide claims] : 1 . A method for using at least one resource processed in a secure 
operating environment at a first appliance, said method comprising: 

• securely receiving a first entity's control at said first 
appliance, said first entity being located remotely from said 
operating environment and said first appliance; 

• securely receiving a second entity's control at said first 
appliance, said second entity being located remotely from 
said operating environment and said first appliance, said 
second entity being different from said first entity; and 

• securely processing a data item at said first appliance, using 
at least one resource, including securely applying, at said first 
appliance through use of said at least one resource said first 
entity's control and said second entity's control to govern use 
of said data item. 

2. A method for securely managing at least one operation on a 
data item performed at least in part by an electronic arrangement 
disposed at a first site, said method comprising: 

• (a) securely delivering a first procedure to said electronic 
arrangement at said first site from a second site different from 
said first site; 

• (b) securely delivering, to said electronic arrangement at said 
— first site from a third site different from said first and second 

sites, a second procedure separable or separate from said 
first procedure; and 

• (c) performing, at least in part with said electronic 
arrangement at said first site, at least one operation on said 
data item, including using said first and second procedures in 
combination to at least in part securely manage said 
operation. 

3. A method as in claim 2 including performing said delivering 
step (b) at a time different from the time said delivering step (a) is 
performed. 

4. A method as in claim 2 wherein said step (a) includes 
delivering said first procedure from a first source, and said step (b) 
includes delivering said second procedure from a second source 
different from said first source. 

5. A method as in claim 2 further including ensuring the integrity 
of said first and second procedures. 

6. A method as in claim 2 further including validating each of said 
first and second procedures. 

7. A method as in claim 2 further including authenticating each of 
said first and second procedures. 

8. A method as in claim 2 wherein said using step (c) includes 
executing at least one of said first and second procedures within a 
tamper-resistant environment. 

9. A method as in claim 2 wherein said step (c) includes the step 
of controlling said data" item with at least one of said first and second 
procedures. 
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10. A method as in claim 2 further including establishing a 
relationship between at least one of said first and second 
procedures and said data item. 

1 1 . A method as in claim 2 further including establishing 
correspondence between said data item and at least one of said first 
and second procedures. 

12. A method as in c l aim 2 wherein said delivering step (b) 
comprises delivering at ieast one load module encrypted at least in 
part. 

13. A method as in clajm J 2 wherein said delivering step (a) 
comprises delivering at least one further load module encrypted at 
least in part. 

14. A method as in claim 2 wherein said delivering step (b) 
comprises delivering at least one content container carrying at least 
in part encrypted control information. 

15. A method as in claim 2 wherein said delivering step (b) 
comprises delivering a control method and at least one further 
method. 

16. A method as in claim 2 wherein said delivering step (a) 
includes: 

• encrypting at least a portion of said first procedure, 

• communicating said at least in part encrypted first procedure 
to said electronic arrangement, 

• decrypting at least a portion of said first procedure at least in 
part using said electronic arrangement, and 

• validating said first procedure with said electronic 
arrangement. 

17. A method as in clai m 2 wherein said delivering step (b) 
includes delivering at least one of said first and second procedures 
within an administrative object. 

18. A method as in claim 2 wherein said delivering step (b) 
includes codelivering said second procedure in at least in part 
encrypted form with said data item. 

19. A method as in claim 2 wherein said performing step includes 
metering usage. 

20. A method as in claim 2 wherein said performing step includes 
auditing usage. 

21. A method as in claim 2 wherein said performing step includes 
budgeting usage. 

22. A method of securely controlling use by a third party of at 
least one protected operation with respect to a data item comprising: 

• (a) supplying at least a first control from a first party to said 
third party; 

• (b) supplying, to said third party, at least a second control 
from a second party different from said first party; 

• (c) securely combining, at said third party's location, said first 
and second controls to form a control arrangement; 

• (d) securely requiring use of said control arrangement in 
order to perform at least one protected operation using said 
data item; and 

• (e) securely performing said at least one protected operation 
on behalf of said third party with respect to said data item by 
at least in part employing said control arrangement. 

23. A method as in claim 22 wherein said data item is protected. 

24. A method as in daim. 22 wherein at least one of said plural 
controls includes a control relating to metering at least one aspect of 
use of said protected data item. 

25. A method as in claim 22 wherein at least one of said plural 
controls include a control relating to budgeting at least one aspect of 
use of said protected data item. 

26. A secure method for combining data items into a composite 
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data item comprising: 

• (a) securely providing, from a first location to a second 
location, a first data item having at least a first control 
associated therewith; 

• (b) securely providing, from a third location to said second 
location, a second data item having at least a second control 
associated therewith; 

• (c) forming, at said second location, a composite of said first 
and second data items; 

• (d) securely combining, at said second location, said first and 
second controls to form a control arrangement; and 

• (e) performing at least one operation on said composite of 
said first and second data items based at least in part on said 
control arrangement. 

27. A method as in claim 26 wherein said combining step includes 
preserving each of said first and second controls in said composite 
set. 

28. A method as in claim 26 wherein said performing step 
comprises governing the operation on said composite of said first 
and second data items in accordance with said first control and said 
second control. 

29. A method as in claim 26 wherein said providing step includes 
ensuring the integrity of said association between said first controls 
and said first data item is maintained during at least one of 
transmission, storage and processing of said first data item. 

30. A method as in claim 2 6 wherein said providing step 
comprises delivering said first data item separately from said first 
control. 

31. A method as in claim 26 wherein said providing step 
comprises codelivering said first data item and said first control. 

32. A secure method for controlling a protected operation 
comprising: 

• (a) securely delivering at least a first control and a second 
control representing rights of first and second entities, 
respectively, to an electronic appliance used by a third entity; 
and 

• (b) controlling at least one protected operation at least in part 
in response to a request by said third entity based at least in 
part on a combination of said first and second controls, 
including at least one of the following steps: 

o resolving at least one conflict between said first and 
second controls based on a predefined order; 

o providing an interaction with said third entity to form 
said combination; and 

o dynamically negotiating between said first and second 
controls. 

33. A method as in claim 32 wherein said controlling step (b) 
includes controlling decryption of electronic content. 

34. A method as in claim 3 2 further including: 

• receiving protected electronic content from a party; and 

• authenticating the identity of said party prior to using said 
received protected electronic content. 

35. A method for using at least one resource processed by a 
secure operating environment, said method comprising: 

• securely receiving a first load module provided by a first entity 
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external to said operating environment; 

• securely receiving a second load module provided by a 
second entity external to said operating environment, said 
second entity being different from said first entity; and 

• securely processing, using at least one resource, a data item 
associated with said first and second load modules, including 
securely applying said first and second load modules to 
manage use of said data item. 

36. A secure operating environment system for managing at least 
one resource comprising: 

• a communications arrangement that securely receives a first 
control of a first entity external to said operating environment, 
and securely receives a second control of a second entity 
external to said operating environment, said second entity 
being different from said first entity; and 

• a protected processing environment, operatively connected 
to said communications arrangement, that: 

o (a) securely processes, using at least one resource, a 

data item logically associated with said first and 

second controls, and 
o (b) securely applies said first and second controls to 

manage said resource for controlling use of said data 

item. 

37. A method as in claim 1 further including securely and 
persistently associating at least one of said first entity's control and 
said second entity's control with said data item. 

38. A method as in claim 2 further including securely and 
persistently associating at least one of said first and second 
procedures with said data item. 

39. A method as in claim 22 further including securely and 
persistently associating at least one of: (a) said first control, (b) said 
second control, and (c) said control arrangement, with said data 
item. 

40. A method as in clai m 2 6 further including the step of securely 
ensuring that at least one of (a) said first control, (b) said second 
control, and (c) said control arrangement, is persistently associated 
with at least one of said first and second data items. 

41 . A method as in claim 32 further including the step of 
persistently and securely associating at least one of said first and 
second controls with said protected operation. 

42. A method as in claim 35 further including the step of 
persistently and securely associating at least one of said first and 
second load modules with said data item. 

43. A system as in c laim 36 wherein said protected processing 
environment securely and persistently associates at least one of 
said first and second controls with said data item. 

44. A method as in claim 1 further including the step of allowing a 
user to select between said first entity's control and said second 
entity's control. 

45. A method as in claim 22 further including the step of allowing 
a user to select between said first procedure and said second 
procedure. 

46. A method as in claim 22 further including the step of allowing 
a user to select between said first control and said second control. 

47. A method as in claim 26 further including the step of allowing 
a user to select between said first control and said second control. 

48. A method as in c|ajm_32 further including the step of allowing 
a user to select between said first control and said second control. 

49. A method as in claim 35 further including the step of allowing 
a user to select between said first load module and said second load 
module. 

50. A system as in claim 36 wherein said protected processing 
environment allows said user to select between said first control and 
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said second control. 

51 . A method as in cl aim 1 wherein at least said secure 
processing step is performed at an end user electronic appliance. 

52. A method as in claim 2 wherein at least said performing step 
is performed at an end user electronic appliance. 

53. A method as in claim 22 wherein at least two of the recited 
steps are performed at an end user electronic appliance. 

54. A method as in claim 26 wherein at least one of steps (c), (d) 
and (e) is performed at an end user electronic appliance. 

55. A method as in claim 32 wherein step (b) is performed at an 
end user electronic appliance. 

56. A method as in claim 35 wherein at least two of the recited 
steps are performed at an end user electronic appliance. 

57. A system as in claim 36 wherein said protected processing 
environment is part of an end user electronic appliance. 

58. A method as in claim 1 wherein the step of securely receiving 
a first entity's control comprises securely receiving said first entity's 
control from a remote location over a telecommunications link, and 
the step of securely receiving said second entity's control comprises 
securely receiving said second entity's control from the same or 
different remote location over the same or different 
telecommunications link. 

59. A method as in claim 2 wherein step (a) comprises securely 
delivering said first procedure from a remote location over a 
telecommunications link, and step (b) comprises securely delivering 
said second procedure from the same or different remote location 
over the same or different telecommunications link. 

60. A method as in claim 22 wherein step (a) comprises supplying 
said first control from at least one remote location over a 
telecommunications link, and step (b) comprises supplying said 
second control from the same or different remote location over the 
same or different telecommunications link. 

61 . A method as in claim 26 wherein step (a) comprises providing 
said first data item from at least one remote location over a 
telecommunications link, and step (b) comprises providing said 
second data item from the same or different remote location over 
the same or different telecommunications link. 

62. A method as in claim 32 wherein step (a) comprises securely 
delivering said first and second controls from at least one remote 

— location over at least one telecommunications link. 

63. A method as in c lai m 35 wherein said first load module 
receiving step comprises securely receiving said first load module 
from at least one remote location over at least one 
telecommunications link, and said second load module receiving 
step comprises securely receiving said second load module from the 
same or different remote location over the same or different 
telecommunications link. 

64. A system as in claim 36 wherein said communications 
arrangement receives said first and second controls from at least 
one remote location over at least one telecommunications link. 

65. A method as in cl aim 1 wherein the processing step includes 
processing said first and second controls within the same secure 
processing environment. 

66. A method as in claim 2 wherein step (c) includes executing 
said first and second procedures within the same secure processing 
environment. 

67. A method as in claim 22 wherein at least step (c) is performed 
within the same secure processing environment at said third party's 
location. 

68. A method as in claim 26 wherein step (d) is performed within 
the same secure processing environment at said second location. 

69. A method as in claim 32 wherein step (a) comprises securely 
delivering said first and second controls into said same secure 
processing environment used by or on behalf of said third entity. 

70. A method as in c laim 35 wherein said securely processing 
step comprises securely executing said first and second load 
modules within the same secure processing environment. 

71 . A method as in claim 1 further including the step of securely 
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combining said first entity's control and said second entity's control 
to provide a combined control arrangement. 

72. A method as in claim 2 further including combining said first 
and second procedures to provide a combined procedure. 

73. A method as in c laim 32 further including securely combining 
said first and second controls to provide a combined control 
arrangement. 

74. A method as in claim 35 further including securely combining 
said first and second load modules to provide a combined 
executable. 

75. A system as in claim 36 wherein said protected processing 
environment combines said first and second controls to provide a 
combined control arrangement. 

76. A method as in claim 1 wherein said two securely receiving 
steps are independently performed at different times. 

77. A method as in claim 3 wherein steps (a) and (b) are 
independently performed. 

78. A method as in cjajm_22 wherein steps (a) and (b) are 
performed at different times. 

79. A method as in claim 26 wherein steps (a) and (b) are 
performed at different times. 

80. A method as in clalm_32 wherein step (a) includes securely 
and independently delivering said first and second controls at 
different times. 

81 . A method as in claim 35 wherein said securely receiving steps 
are performed independently at different times. 

82. A system as in claim 36 wherein said communications 
arrangement independently receives said first and second controls 
at different times. 

83. A method as in claim 2 further including the step (d) of 
securely conditioning at least one aspect of use of said data item 
based on said delivering steps (a) and (b) having occurred. 

84. A method as in claim 1 wherein at least one of the first entity's 
control and the second entity's control comprises at least one 
executable component and at least one data component. 

85. A method as in claim 22 wherein at least one of the first and 
second controls comprises at least one executable component and 
at least one data component. 

86. A method as in claim 26 wherein at least one of the first and 
second controls comprises at least one executable component and 
at least one data component. 

87. A method as in claim 32 wherein at least one of the first and 
second controls comprises at least one executable component and 
at least one data component. 

88. A system as in claim 36 wherein at least one of the first 
control and second controls comprises at least one executable 
component and at least one data component, and the protected 
processing environment executes the executable component in a 
manner that is at least in part responsive to the data component. 

89. A method as in claim 1 wherein said first appliance includes a 
protected processing environment, and wherein: 

• said method further comprises a step of receiving, at said first 
appliance, said data item separately and at a different time 
from said receiving said first entity's control; and 

• said securely processing step is performed at least in part in 
said protected processing environment. 

90. A method as in claim 2 wherein: 

• said method further comprises a step of delivering said data 
item to said electronic arrangement separately and at a 
different time from said delivering said first procedure; and 

• said performing step is performed at least in part in a 
protected processing environment. 
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91 . A method as in claim 22 wherein: 

• said method further comprises supplying said data item to 
said third party separately and at a different time from 
supplying of said first control to said third party; and 

• said securely performing step comprises performing said 
protected operation at least in part in a protected processing 
environment. 

92. A method as in claim 26 wherein: 

• said method further includes the steps of: 

o providing said first data item separately and at a 
different time from providing of said first control, and 

o providing said second data item separately and at a 
different time from providing of said second control; 
and 

• step (e) comprises performing said operation at least in part 
in a protected processing environment. 

93. A method as in claim 32 wherein: 

• said method further comprises delivering a data item to said 
electronic appliance; 

• said securely delivering step (a) further comprises delivering 
at least one of said first control and said second control 
separately and at a different time from delivering said data 
item; and 

• said method further includes performing said protected 
operation at least in part in a protected processing 
environment. 

94. A method as in claim 35 wherein said secure operating 
environment includes a protected processing environment, and 
wherein: 

• said method further comprises receiving a data item within 
said secure operating environment; 

• said first load module receiving step is performed separately 
and at a time different from receiving said data item; and 

• said securely processing step is performed at least in part in 
said protected processing environment. 

95. A secure operating environment system as in claim 36 
wherein said communications arrangement also receives a data 
item separately and at a different time from at least one of said first 
control and said second control. 

96. A method as in claim 1 wherein said first appliance is at least 
a part of an arrangement at a user site providing an input/output bus 
connecting a first electronic subsystem with at least a second 
electronic subsystem, said first electronic subsystem including a first 
electrical connector connected to said input/output bus, said second 
electronic subsystem including a second electrical connector 
connected to said input/output bus, and wherein: 

• said method further comprises establishing a secure 
transmission channel on said input/output bus and 
transferring at least a portion of said data item over said 
secure transmission channel from said first electronic to said 
second electronic subsystem through said first and second 
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connectors and said input/output bus. 

97. A method as in claim 2 wherein said electronic arrangement is 
disposed at a user site and provides an input/output bus connecting 
a first electronic appliance with at least a second electronic 
appliance, said first electronic appliance including a first electrical 
connector connected to said input/output bus, said second 
electronic appliance including a further electrical connector 
connected to said input/output bus, and wherein: 

• said method further comprises establishing a secure 
transmission channel on said input/output bus and 
transferring at least a portion of said data item over said 
secure transmission channel from said first electronic 
appliance to said second electronic appliance through said 
first and second connectors and said input/output bus. 

98. A method as in claim 2 2 wherein an input/output bus at said 
third party's location connects a first electronic appliance with at 
least a second electronic appliance, said first electronic appliance 
including a first electrical connector connected to said input/output 
bus, said second electronic appliance including a second electrical 
connector connected to said input/output bus, and wherein: 

• said method further comprises establishing a secure 
transmission channel on said input/output bus and 
transferring at least a portion of said data item over said 
secure transmission channel from first electronic appliance to 
said second electronic appliance through said first and 
second connectors and said input/output bus. 

99. A method as in cl ai m 26 wherein an input/output bus at said 
second location connects a first electronic appliance with at least a 
second electronic appliance, said first electronic appliance including 
a first electrical connector connected to said input/output bus, said 
second electronic appliance including a second electrical connector 
connected to said input/output bus, and wherein: 

• said method further comprises establishing a secure 
transmission channel on said input/output bus and 
transferring at least a portion of at least one of said first data 
item and said second data item over said secure 
transmission channel from first electronic appliance to said 
second electronic appliance through said first and second 
connectors and said input/output bus. 

100. A method as in claim 32 wherein said electronic appliance 
includes a first electronic subsystem having a first electrical 
connector, a second electronic subsystem having a second 
electronic connector, and an input/output bus connecting said first 
electronic subsystem with said second electronic subsystem, and 
wherein: 

• said method further comprises establishing a secure 
transmission channel on said input/output bus and 
transferring at least a portion of at least one data item over 
said secure transmission channel from first electronic 
subsystem to said second electronic subsystem through said 
first and second connectors and said input/output bus. 

101 . A method as in claim 35 wherein said secure operating 
environment is contained within an arrangement at a user site 
further comprising an input/output bus connecting a first electronic 



http://\vww.delphion.com/details?&pn=US05982891_&s_clms=l 



3/5/01 



Systems and methods for secure transaction management and electronic rights protection Page 23 of 31 



appliance with at least a second electronic appliance, said first 
electronic appliance including a first electrical connector connected 
to said input/output bus, said second electronic appliance including 
a second electrical connector connected to said input/output bus, 
and wherein: 



• said method further comprises establishing a secure 
transmission channel on said input/output bus, and 
transferring at least a portion of said data item over said 
secure transmission channel from said first electronic 
appliance to said second electronic appliance through said 
first and second connectors and said input/output bus. 

102. A secure operating environment system as in claim 36 
wherein the secure operating environment is located at a user site 
and wherein: 



• said system further comprises: 

o a first electronic appliance including a first electrical 
connector, 

o a second electronic appliance including a second 

electrical connector, and 
o an input/output bus connecting said first electrical 

connector with said second electrical connector; and 

• wherein said communications arrangement is coupled to said 
input/output bus, opens a secure transmission channel on 
said input/output bus, and transfers at least a portion of said 
data item over said secure transmission channel through said 
first and second electrical connectors and said input/output 
bus. 
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